[Development] Monitoring of upstream vulnerabilities

Thiago Macieira thiago.macieira at intel.com
Tue Jun 19 22:50:54 CEST 2018


On Tuesday, 19 June 2018 13:15:18 PDT Jason H wrote:
> > Currently, we use https://github.com/clearlinux/cve-check-tool. This is
> > going to be replaced with CVEMAN -
> > https://github.intel.com/kcwells/cveman. Both tools consume the feed from
> > the National Vulnerability Database from the US NIST -
> > https://nvd.nist.gov/.
> 
> Is that intel server publicly accessible?

The dashboard the tool produces isn't, but I also don't see why you'd want 
that. It's not applicable to Qt. The only people who would want access to it 
are the people who are working on the distribution and will apply the patches.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center






More information about the Development mailing list